]> xenbits.xensource.com Git - qemu-xen-4.1-testing.git/commit
projects / qemu-xen-4.1-testing.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b36c429) | patch
e1000: Discard packets that are too long if !SBP and !LPE
authorMichael Contreras <michael@inetric.com>
Mon, 3 Dec 2012 04:11:22 +0000 (20:11 -0800)
committerIan Jackson <Ian.Jackson@eu.citrix.com>
Wed, 16 Jan 2013 14:12:40 +0000 (14:12 +0000)
commitb4e9b8169dedc0bcf0d3abe07642f761ac70aeea
tree156b6bae63bc932f1fda55cd1e5602fc8bb8d021tree
parentb36c42985575cd6d761d39e5770e57a1f52832aecommit | diff
e1000: Discard packets that are too long if !SBP and !LPE

The e1000_receive function for the e1000 needs to discard packets longer than
1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes
this behavior and allocates memory based on this assumption.

Signed-off-by: Michael Contreras <michael@inetric.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
[ This is a security vulnerability, CVE-2012-6075 / XSA-41. ]
(cherry picked from commit 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf)
hw/e1000.c diff | blob | history
Obsolete Qemu-dm 4.1 stable branch